annotate mod_http_rest/README.markdown @ 5518:d87d0e4a8516

mod_http_oauth2: Validate the OpenID 'prompt' parameter Without support for affecting the login and consent procedure, it seems sensible to inform the client that they can't change anything with this parameter.
author Kim Alvefur <zash@zash.se>
date Mon, 05 Jun 2023 22:19:17 +0200
parents 79432b859d21
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2336
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
1 ---
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
2 labels:
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
3 - 'Stage-Alpha'
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
4 summary: Send XMPP stanzas via REST/HTTP
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
5 ...
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
6
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
7 This module provides a [REST](https://en.wikipedia.org/wiki/Representational_state_transfer)ful
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
8 method for sending XMPP stanzas.
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
9
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
10 This enables you to send stanzas by making HTTP requests to `http://${prosody-url}/rest`.
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
11
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
12 **DANGER/ACHTUNG!: This module does NOT enforce any authentication or user-checking.
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
13 This means that by default stanzas can be sent *anyone* on behalf of *any* user.**
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
14
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
15 You should enable [mod_http_authentication](https://modules.prosody.im/mod_http_authentication.html),
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
16 to require authentication for calls made to this module, or alternatively, you
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
17 could use a reverse proxy like Nginx.
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
18
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
19 # To enable this module
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
20
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
21 Add `"http_rest"` to `modules_enabled`, either globally or for a particular virtual
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
22 host.
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
23
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
24 # How to test:
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
25
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
26 You can use curl to make the HTTP request to Prosody, to test whether this
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
27 module is working properly:
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
28
79432b859d21 New module: mod_http_rest.lua
JC Brand <jcbrand@minddistrict.com>
parents:
diff changeset
29 curl -k http://localhost:5280/rest -u username:password -H "Content-Type: text/xml" -d '<iq to="pubsub.localhost" type="set" id="4dd1a1e3-ef91-4017-a5aa-eaba0a82eb94-1" from="user@localhost"><pubsub xmlns="http://jabber.org/protocol/pubsub"><publish node="Test mod_rest.lua"><item>Hello World!</item></publish></pubsub></iq>'